HackDig : Dig high-quality web security articles for hackers

Google Releases January 2021 Security Updates for Android

2021-01-05 12:35

Google this week announced the January 2021 security updates for Android devices, which address 42 vulnerabilities, including four rated critical severity.

Addressed as part of the 2021-01-01 security patch level and tracked as CVE-2021-0316, the most important of these flaws is a critical security bug in System that could be exploited to achieve code execution remotely.

An attacker looking to exploit the vulnerability would need to use a specially crafted transmission. Successful exploitation could lead to the execution of code within the context of a privileged process.

Three other vulnerabilities addressed in Android’s System component this month feature a severity rating of high. These include two elevation of privilege issues and one information disclosure bug.

The 2021-01-01 security patch level also fixes fifteen vulnerabilities in Framework, including a critical denial of service (DoS) flaw, eight high-severity elevation of privilege bugs, four high-severity information disclosure issues, one high-severity DoS flaw, and one medium-severity remote code execution vulnerability.

All of the three security flaws patched in Android’s Media Framework component this month feature a severity rating of high: one remote code execution and two information disclosure issues.

The second part of the Android security updates for January 2021 addresses a total of 19 vulnerabilities in Kernel (three high-severity flaws), MediaTek (one high-severity issue), and Qualcomm components (six high-severity bugs).

Patches for nine flaws in Qualcomm closed-source components were also included in this month’s set of updates (two critical and seven high-severity vulnerabilities).

All of these issues, as well as vulnerabilities patched with previous Android security updates, are resolved on devices running a security patch level of 2021-01-05 or later.

On Pixel devices, a security patch level of 2021-01-05 also addresses four other vulnerabilities: a high-severity elevation of privilege in Framework and a moderate one in Kernel components, along with a moderate flaw in Qualcomm components and another in Qualcomm closed-source components.

Related: December 2020 Android Updates Patch 46 Vulnerabilities

Related: Google Patches 30 Vulnerabilities With November 2020 Android Updates

Related: Android's October 2020 Security Update Patches 48 Vulnerabilities

Related: Google Announces Android Partner Vulnerability Initiative


Source: dpu-ytiruces-1202-yraunaj-sesaeler-elgoog/kNbpit7PG_o/3~/keewytiruceS/r~/moc.elgoog.yxorpdeef

“Google Releases January 2021 Security Updates for Android”0 Comments

Submit A Comment

Name:

Email:

Blog :

Verification Code:

Tools

Tag Cloud